mirror of
https://github.com/ohmyzsh/ohmyzsh.git
synced 2024-11-24 16:53:47 +01:00
1868c15ec6
huntr.dev has pivoted to ML/AI-only vulnerability reporting, and we are now already using GitHub's private vulnerability reports.
953 B
953 B
Security Policy
Supported Versions
At the moment Oh My Zsh only considers the very latest commit to be supported. We combine that with our fast response to incidents and the automated updates to minimize the time between vulnerability publication and patch release.
Version | Supported |
---|---|
master | ✅ |
other commits | ❌ |
In the near future we will introduce versioning, so expect this section to change.
Reporting a Vulnerability
Do not submit an issue or pull request: this might reveal the vulnerability.
Instead, you should email the maintainers directly at: security@ohmyz.sh, or using the link to privately report a vulnerability with GitHub.
We will deal with the vulnerability privately and submit a patch as soon as possible.